﻿// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.

using System;
using System.Collections.Generic;
using System.Text;

namespace Microsoft.Identity.Client.MtlsPop.Attestation
{
    /// <summary>
    /// Error codes returned by <c>AttestationClientLib.dll</c>.
    /// A value of <see cref="SUCCESS"/> (0) indicates success; all other
    /// values are negative and represent specific failure categories.
    /// </summary>
    internal enum AttestationResultErrorCode
    {
        /// <summary>The operation completed successfully.</summary>
        SUCCESS = 0,

        /// <summary>libcurl could not be initialized inside the native library.</summary>
        ERRORCURLINITIALIZATION = -1,

        /// <summary>The HTTP response body could not be parsed (malformed JSON, invalid JWT, etc.).</summary>
        ERRORRESPONSEPARSING = -2,

        /// <summary>Managed-Identity (MSI) access token could not be obtained.</summary>
        ERRORMSITOKENNOTFOUND = -3,

        /// <summary>The HTTP request exceeded the maximum retry count configured by the native client.</summary>
        ERRORHTTPREQUESTEXCEEDEDRETRIES = -4,

        /// <summary>An HTTP request to the attestation service failed (network error, non-200 status, timeout, etc.).</summary>
        ERRORHTTPREQUESTFAILED = -5,

        /// <summary>The attestation enclave rejected the supplied evidence (policy or signature failure).</summary>
        ERRORATTESTATIONFAILED = -6,

        /// <summary>libcurl reported “couldn’t send” (DNS resolution, TLS handshake, or socket error).</summary>
        ERRORSENDINGCURLREQUESTFAILED = -7,

        /// <summary>One or more input parameters passed to the native API were invalid or null.</summary>
        ERRORINVALIDINPUTPARAMETER = -8,

        /// <summary>Validation of the attestation parameters failed on the client side.</summary>
        ERRORATTESTATIONPARAMETERSVALIDATIONFAILED = -9,

        /// <summary>Native client failed to allocate heap memory.</summary>
        ERRORFAILEDMEMORYALLOCATION = -10,

        /// <summary>Could not retrieve OS build / version information required for the attestation payload.</summary>
        ERRORFAILEDTOGETOSINFO = -11,

        /// <summary>Internal TPM failure while gathering quotes or PCR values.</summary>
        ERRORTPMINTERNALFAILURE = -12,

        /// <summary>TPM operation (e.g., signing the quote) failed.</summary>
        ERRORTPMOPERATIONFAILURE = -13,

        /// <summary>The returned JWT could not be decrypted on the client.</summary>
        ERRORJWTDECRYPTIONFAILED = -14,

        /// <summary>JWT decryption failed due to a TPM error.</summary>
        ERRORJWTDECRYPTIONTPMERROR = -15,

        /// <summary>JSON in the service response was invalid or lacked required fields.</summary>
        ERRORINVALIDJSONRESPONSE = -16,

        /// <summary>The VCEK certificate blob returned from the service was empty.</summary>
        ERROREMPTYVCEKCERT = -17,

        /// <summary>The service response body was empty.</summary>
        ERROREMPTYRESPONSE = -18,

        /// <summary>The HTTP request body generated by the client was empty.</summary>
        ERROREMPTYREQUESTBODY = -19,

        /// <summary>Failed to parse the host-configuration-level (HCL) report.</summary>
        ERRORHCLREPORTPARSINGFAILURE = -20,

        /// <summary>The retrieved HCL report was empty.</summary>
        ERRORHCLREPORTEMPTY = -21,

        /// <summary>Could not extract JWK information from the attestation evidence.</summary>
        ERROREXTRACTINGJWKINFO = -22,

        /// <summary>Failed converting a JWK structure to an RSA public key.</summary>
        ERRORCONVERTINGJWKTORSAPUB = -23,

        /// <summary>EVP initialization for RSA encryption failed (OpenSSL).</summary>
        ERROREVPPKEYENCRYPTINITFAILED = -24,

        /// <summary>EVP encryption failed when building the attestation claim.</summary>
        ERROREVPPKEYENCRYPTFAILED = -25,

        /// <summary>Failed to decrypt data due to a TPM error.</summary>
        ERRORDATADECRYPTIONTPMERROR = -26,

        /// <summary>Parsing DNS information for the attestation service endpoint failed.</summary>
        ERRORPARSINGDNSINFO = -27,

        /// <summary>Failed to parse the attestation response envelope.</summary>
        ERRORPARSINGATTESTATIONRESPONSE = -28,

        /// <summary>Provisioning of the Attestation Key (AK) certificate failed.</summary>
        ERRORAKCERTPROVISIONINGFAILED = -29,

        /// <summary>Initialising the native attestation client failed.</summary>
        ERRORCLIENTINITFAILED = -30,

        /// <summary>The service returned an empty JWT.</summary>
        ERROREMPTYJWTRESPONSE = -31,

        /// <summary>Creating the KeyGuard attestation report failed on the client.</summary>
        ERRORCREATEKGATTESTATIONREPORT = -32,

        /// <summary>Failed to extract the public key from the import-only key.</summary>
        ERROREXTRACTIMPORTKEYPUB = -33,

        /// <summary>An unexpected C++ exception occurred inside the native client.</summary>
        ERRORUNEXPECTEDEXCEPTION = -34,

        /// <summary>Initialising the native logger failed (file I/O / permissions / path issues).</summary>
        ERRORLOGGERINITIALIZATION = -35
    }
}
